www.whosgotcorona.com Open in urlscan Pro
34.226.145.86 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.whosgotcorona.com/
Submission: On March 31 via automatic, source certstream-suspicious (March 31st 2020, 3:20:54 pm UTC)

Summary HTTP 85 Redirects Behaviour Indicators

Summary

This website contacted 46 IPs in 9 countries across 48 domains to perform 85 HTTP transactions. The main IP is 34.226.145.86, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.whosgotcorona.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 31st 2020. Valid for: 3 months.

This is the only time www.whosgotcorona.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	34.226.145.86 34.226.145.86	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::681c:d17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.2.207 151.101.2.207	54113 (FASTLY) (FASTLY)
17	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	23.37.41.20 23.37.41.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	95.101.27.117 95.101.27.117	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	8.241.121.124 8.241.121.124	3356 (LEVEL3) (LEVEL3)
1	67.27.157.252 67.27.157.252	3356 (LEVEL3) (LEVEL3)
4	2a02:26f0:6c0... 2a02:26f0:6c00:187::3134	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.214.203 104.111.214.203	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.109.77.48 104.109.77.48	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2	151.101.113.164 151.101.113.164	54113 (FASTLY) (FASTLY)
1	196.13.207.40 196.13.207.40	327871 (ANPTIC) (ANPTIC)
1	192.0.72.3 192.0.72.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	163.171.128.153 163.171.128.153	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:190::2bc9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3031::681c:158d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.112.155 151.101.112.155	54113 (FASTLY) (FASTLY)
1	192.0.72.30 192.0.72.30	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a04:4e42:3::272 2a04:4e42:3::272	54113 (FASTLY) (FASTLY)
1	23.37.48.49 23.37.48.49	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.12.64 151.101.12.64	54113 (FASTLY) (FASTLY)
1	99.84.155.64 99.84.155.64	16509 (AMAZON-02) (AMAZON-02)
1	192.0.66.120 192.0.66.120	2635 (AUTOMATTIC) (AUTOMATTIC)
1	95.100.73.243 95.100.73.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	217.160.224.60 217.160.224.60	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
1	92.123.20.250 92.123.20.250	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:303... 2606:4700:3033::681b:92db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.215.9 104.111.215.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	186.192.91.9 186.192.91.9	28604 (Globo Com...) (Globo ComunicaÃÂ§ÃÂ£o e ParticipaÃÂ§oes SA)
1	23.37.54.213 23.37.54.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.107.83.119 185.107.83.119	43350 (NFORCE) (NFORCE)
1	95.101.27.121 95.101.27.121	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::681a:823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.124.249.2 192.124.249.2	30148 (SUCURI-SEC) (SUCURI-SEC)
85	46

7 34.226.145.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-145-86.compute-1.amazonaws.com

www.whosgotcorona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::681c:d17 (United States)

ASN13335 (CLOUDFLARENET, US)

bootswatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.207 (United States)

ASN54113 (FASTLY, US)

live.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.41.20 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-41-20.deploy.static.akamaitechnologies.com

www.680news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

cdn.face2faceafrica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.27.117 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-27-117.deploy.static.akamaitechnologies.com

www.inquirer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.241.121.124 (United States)

ASN3356 (LEVEL3, US)

e0.365dm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.27.157.252 (United States)

ASN3356 (LEVEL3, US)

cdn.mos.cms.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:187::3134 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.cnn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dynaimage.cdn.cnn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.214.203 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-203.deploy.static.akamaitechnologies.com

www.thesun.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.77.48 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-77-48.deploy.static.akamaitechnologies.com

images.indianexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

static.timesofisrael.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 196.13.207.40 (Burkina Faso)

ASN327871 (ANPTIC, BF)
PTR: mines.gov.bf

www.gouvernement.gov.bf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

pmcvariety.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.128.153 (Germany)

ASN54994 (QUANTILNETWORKS, US)

foto.sondakika.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:190::2bc9 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

s.rfi.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681c:158d (United States)

ASN13335 (CLOUDFLARENET, US)

biographymask.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.155 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

hips.hearstapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.30 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

pmcdeadline2.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::272 (Ascension Island)

ASN54113 (FASTLY, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.48.49 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-48-49.deploy.static.akamaitechnologies.com

images.daznservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

img.bleacherreport.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.155.64 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-155-64.txl52.r.cloudfront.net

cdn.calciomercato.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.120 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.8newsnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.73.243 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-73-243.deploy.static.akamaitechnologies.com

www.jpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.224.60 (Germany)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: s19319888.onlinehome-server.info

ametrade.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.20.250 (France)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-20-250.deploy.static.akamaitechnologies.com

images.rogersdigitalmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::681b:92db (United States)

ASN13335 (CLOUDFLARENET, US)

www.talkbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.9 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-9.deploy.static.akamaitechnologies.com

i.cbc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.91.9 (Brazil)

ASN28604 (Globo ComunicaÃÂ§ÃÂ£o e ParticipaÃÂ§oes SA, BR)
PTR: 186-192-91-9.prt.globo.com

s2.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.54.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-54-213.deploy.static.akamaitechnologies.com

i.dailymail.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.107.83.119 (Netherlands)

ASN43350 (NFORCE, NL)

ia.tmgrup.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.27.121 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-27-121.deploy.static.akamaitechnologies.com

static2.abc.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:823 (United States)

ASN13335 (CLOUDFLARENET, US)

www.rawstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.2 (United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10002.sucuri.net

thevinylfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	wikimedia.org upload.wikimedia.org	15 MB
7	whosgotcorona.com www.whosgotcorona.com	286 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	130 KB
4	cnn.com cdn.cnn.com dynaimage.cdn.cnn.com	171 KB
3	google-analytics.com www.google-analytics.com	18 KB
2	talkbasket.net www.talkbasket.net	29 KB
2	bleacherreport.net img.bleacherreport.net	644 KB
2	wordpress.com pmcvariety.files.wordpress.com pmcdeadline2.files.wordpress.com	990 KB
2	nyt.com static01.nyt.com	644 KB
2	doubleclick.net googleads.g.doubleclick.net
2	googleapis.com fonts.googleapis.com	1 KB
1	thevinylfactory.com thevinylfactory.com	230 KB
1	wp.com i1.wp.com	16 KB
1	rawstory.com www.rawstory.com	17 KB
1	abc.es static2.abc.es	94 KB
1	tmgrup.com.tr ia.tmgrup.com.tr	41 KB
1	dailymail.co.uk i.dailymail.co.uk	207 KB
1	glbimg.com s2.glbimg.com	31 KB
1	cbc.ca i.cbc.ca	41 KB
1	rogersdigitalmedia.com images.rogersdigitalmedia.com	10 KB
1	ametrade.org ametrade.org	43 KB
1	jpost.com www.jpost.com	38 KB
1	8newsnow.com www.8newsnow.com	7 MB
1	calciomercato.com cdn.calciomercato.com	99 KB
1	daznservices.com images.daznservices.com	249 KB
1	media-amazon.com m.media-amazon.com	670 KB
1	hearstapps.com hips.hearstapps.com	2 MB
1	biographymask.com biographymask.com	26 KB
1	rfi.fr s.rfi.fr	804 KB
1	sondakika.com foto.sondakika.com	35 KB
1	gouvernement.gov.bf www.gouvernement.gov.bf	255 KB
1	timesofisrael.com static.timesofisrael.com	545 KB
1	indianexpress.com images.indianexpress.com	60 KB
1	thesun.co.uk www.thesun.co.uk	495 KB
1	futurecdn.net cdn.mos.cms.futurecdn.net	218 KB
1	365dm.com e0.365dm.com	30 KB
1	inquirer.com www.inquirer.com	142 KB
1	face2faceafrica.com cdn.face2faceafrica.com
1	facebook.com www.facebook.com
1	fbsbx.com 1 redirects lookaside.fbsbx.com	759 B
1	680news.com www.680news.com	126 KB
1	mrf.io live.mrf.io	25 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	jquery.com code.jquery.com	79 KB
1	bootswatch.com bootswatch.com	22 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
85	48

	Domain	Requested by
17	upload.wikimedia.org
7	www.whosgotcorona.com	www.whosgotcorona.com
4	pagead2.googlesyndication.com	www.whosgotcorona.com pagead2.googlesyndication.com
3	cdn.cnn.com
3	www.google-analytics.com	www.googletagmanager.com www.whosgotcorona.com
2	www.talkbasket.net
2	img.bleacherreport.net
2	static01.nyt.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.googleapis.com	www.whosgotcorona.com
1	thevinylfactory.com
1	i1.wp.com
1	www.rawstory.com
1	static2.abc.es
1	ia.tmgrup.com.tr
1	i.dailymail.co.uk
1	s2.glbimg.com
1	i.cbc.ca
1	images.rogersdigitalmedia.com
1	dynaimage.cdn.cnn.com
1	ametrade.org
1	www.jpost.com
1	www.8newsnow.com
1	cdn.calciomercato.com
1	images.daznservices.com
1	m.media-amazon.com
1	pmcdeadline2.files.wordpress.com
1	hips.hearstapps.com
1	biographymask.com
1	s.rfi.fr
1	foto.sondakika.com
1	pmcvariety.files.wordpress.com
1	www.gouvernement.gov.bf
1	static.timesofisrael.com
1	images.indianexpress.com
1	www.thesun.co.uk
1	cdn.mos.cms.futurecdn.net
1	e0.365dm.com
1	www.inquirer.com
1	cdn.face2faceafrica.com
1	www.facebook.com
1	lookaside.fbsbx.com	1 redirects
1	www.680news.com
1	live.mrf.io
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	code.jquery.com	www.whosgotcorona.com
1	bootswatch.com	www.whosgotcorona.com
1	www.googletagmanager.com	www.whosgotcorona.com
85	51

This site contains no links.

Subject Issuer	Validity	Valid
www.whosgotcorona.com Let's Encrypt Authority X3	`2020-03-31` - `2020-06-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-29` - `2020-10-09`	8 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
marfeel5.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-10-24` - `2020-08-08`	9 months	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-10-06`	a year	crt.sh
san2.rogersmedia.com DigiCert Secure Site ECC CA-1	`2020-02-05` - `2021-03-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
cdn.face2faceafrica.com Let's Encrypt Authority X3	`2020-02-28` - `2020-05-28`	3 months	crt.sh
www.inquirer.com Go Daddy Secure Certificate Authority - G2	`2019-05-15` - `2021-05-15`	2 years	crt.sh
a.365dm.com Sectigo RSA Extended Validation Secure Server CA	`2020-03-06` - `2021-06-04`	a year	crt.sh
*.futurecdn.net DigiCert SHA2 High Assurance Server CA	`2017-07-20` - `2020-07-01`	3 years	crt.sh
www.turner.com Sectigo RSA Organization Validation Secure Server CA	`2019-09-19` - `2020-09-03`	a year	crt.sh
feeds.thesun.co.uk GeoTrust RSA CA 2018	`2019-06-04` - `2020-09-02`	a year	crt.sh
indianexpress.com DigiCert SHA2 Secure Server CA	`2020-03-30` - `2020-10-02`	6 months	crt.sh
*.timesofisrael.com DigiCert SHA2 Secure Server CA	`2019-11-27` - `2021-02-10`	a year	crt.sh
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
www.action-sociale.gov.bf Let's Encrypt Authority X3	`2020-01-22` - `2020-04-21`	3 months	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-15` - `2021-01-14`	2 years	crt.sh
foto.sondakika.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-08` - `2020-07-07`	a year	crt.sh
hearst-hdm.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-26` - `2020-07-12`	4 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2019-10-02` - `2020-10-02`	a year	crt.sh
san1.daznservices.com DigiCert Secure Site ECC CA-1	`2020-03-13` - `2021-02-09`	a year	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2018-08-30` - `2020-12-02`	2 years	crt.sh
*.calciomercato.com Amazon	`2019-08-22` - `2020-09-22`	a year	crt.sh
www.8newsnow.com Let's Encrypt Authority X3	`2020-01-31` - `2020-04-30`	3 months	crt.sh
*.jpost.com DigiCert SHA2 Secure Server CA	`2019-03-07` - `2020-06-05`	a year	crt.sh
ametrade.org Let's Encrypt Authority X3	`2020-02-07` - `2020-05-07`	3 months	crt.sh
san.rogersmedia.com GeoTrust RSA CA 2018	`2020-03-30` - `2021-04-29`	a year	crt.sh
secure.cbc.ca GeoTrust RSA CA 2018	`2020-03-25` - `2021-05-02`	a year	crt.sh
*.glbimg.com RapidSSL RSA CA 2018	`2019-03-07` - `2020-05-05`	a year	crt.sh
secured.dailymail.co.uk DigiCert Secure Site ECC CA-1	`2020-02-19` - `2021-02-18`	a year	crt.sh
*.tmgrup.com.tr RapidSSL RSA CA 2018	`2019-01-21` - `2021-01-20`	2 years	crt.sh
nets.vocento.com Let's Encrypt Authority X3	`2020-02-24` - `2020-05-24`	3 months	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
www.thevinylfactory.com GeoTrust EV RSA CA 2018	`2019-02-11` - `2021-02-10`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.whosgotcorona.com/
Frame ID: 2B690B11FFDEE91A57861EFE12271E1C
Requests: 82 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200326/r20190131/zrt_lookup.html
Frame ID: D7DF9171C28C17AF209B70338E1CD070
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6088613142518840&output=html&adk=1812271804&adf=3025194257&lmt=1585666987&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.whosgotcorona.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585668034868&bpp=12&bdt=48&idt=54&shv=r20200326&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5771554630224&frm=20&pv=2&ga_vid=445879441.1585668035&ga_sid=1585668035&ga_hid=2126341231&ga_fc=0&iag=0&icsg=2216&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44713364&oid=3&pvsid=3242027692132782&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=65
Frame ID: B024F1A79F253770760D9CA340166965
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: CFBA5F6718EA64A354655B8A3E65F167
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

85
Requests

99 %
HTTPS

38 %
IPv6

48
Domains

51
Subdomains

46
IPs

9
Countries

31457 kB
Transfer

32092 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=100759201467426 HTTP 302
https://www.facebook.com/100759201467426/photos/a.100759258134087/100779798132033/?type=3&is_lookaside=1

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.whosgotcorona.com/ 3 KB
3 KB 391ms
117ms Document
text/html 34.226.145.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.whosgotcorona.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.145.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-145-86.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: c4816db81426bbe25466f5fb7467b947ef401aa1a6f8b4305d30a4a27a8b2c32

Request headers

Host: www.whosgotcorona.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 31 Mar 2020 15:03:07 GMT
Etag: W/"a9e-171311e13f8"
Content-Type: text/html; charset=UTF-8
Content-Length: 2718
Date: Tue, 31 Mar 2020 15:20:34 GMT
Via: 1.1 vegur

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132593989-2

Requested by

Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46538f46cde84fff33704187c06eea63f1c608753f00d66018cbe0b326fe57aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 15:20:34 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28643
x-xss-protection: 0
last-modified: Tue, 31 Mar 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Mar 2020 15:20:34 GMT

GET
H2 200 bootstrap.min.css
bootswatch.com/4/flatly/ 180 KB
22 KB 42ms
22ms Stylesheet
text/css 2606:4700:3033::681c:d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bootswatch.com/4/flatly/bootstrap.min.css
Requested by: Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60d96bef317cb64c8ff78967301cbd8045cfb709f96b3592ed633af7090a5ee0

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 31 Mar 2020 15:20:34 GMT
content-encoding: br
cf-cache-status: HIT
age: 202
status: 200
last-modified: Tue, 17 Mar 2020 17:37:30 GMT
server: cloudflare
x-github-request-id: B8A8:7CAE:12A5B:16B8E:5E710B10
etag: W/"5e710ada-2cfc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Tue, 31 Mar 2020 15:27:12 GMT
cache-control: max-age=14400
cf-ray: 57cb0e21be0d1f31-FRA
x-proxy-cache: MISS

GET
H2 200 css
fonts.googleapis.com/ 2 KB
628 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c662b6e3fb429681775f998db8d262428035930052ec2940864c06d567e4dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Mar 2020 15:20:34 GMT
server: ESF
date: Tue, 31 Mar 2020 15:20:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Mar 2020 15:20:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 108 KB
38 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26c43d28b622abc5c1c277aef3771d8c67e717e0a5fd6f3f93d9c51ca0641d92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 15:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39169
x-xss-protection: 0
server: cafe
etag: 9983577715997836973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Mar 2020 15:20:34 GMT

GET
H/1.1 200
OK main.357000b9.chunk.css
www.whosgotcorona.com/static/css/ 1 KB
1 KB 123ms
122ms Stylesheet
text/css 34.226.145.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.whosgotcorona.com/static/css/main.357000b9.chunk.css
Requested by: Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.145.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-145-86.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 1e42d080b7a218ca3bbf90dcaf9819be22408692d53c582c18a9fba2ec1f4d1e

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 31 Mar 2020 15:20:34 GMT
Via: 1.1 vegur
Etag: W/"404-171311e13f8"
Last-Modified: Tue, 31 Mar 2020 15:03:07 GMT
Server: Cowboy
X-Powered-By: Express
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1028

GET
H/1.1 200
OK jquery-3.3.1.js Show response
code.jquery.com/ 265 KB
79 KB 20ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.js
Requested by: Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

Referer: https://www.whosgotcorona.com/
Origin: https://www.whosgotcorona.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Mar 2020 15:20:34 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-42587"
Vary: Accept-Encoding
X-HW: 1585668034.dop142.fr8.shc,1585668034.dop142.fr8.t,1585668034.cds165.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 80268

GET
H/1.1 200
OK 1.c7ca4d8b.chunk.js Show response
www.whosgotcorona.com/static/js/ 251 KB
251 KB 241ms
117ms Script
application/javascript 34.226.145.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.whosgotcorona.com/static/js/1.c7ca4d8b.chunk.js
Requested by: Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.145.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-145-86.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: f18a203259857a72b7febf06a8e48f9404d8bcb2208fcbfbef416e6d628c7bd1

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 31 Mar 2020 15:20:35 GMT
Via: 1.1 vegur
Etag: W/"3eb41-171311e13f8"
Last-Modified: Tue, 31 Mar 2020 15:03:07 GMT
Server: Cowboy
X-Powered-By: Express
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 256833

GET
H/1.1 200
OK main.e312ceef.chunk.js Show response
www.whosgotcorona.com/static/js/ 3 KB
3 KB 328ms
109ms Script
application/javascript 34.226.145.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.whosgotcorona.com/static/js/main.e312ceef.chunk.js
Requested by: Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.145.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-145-86.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 51b3b9ec771267d82a98b6b0b21884dcd9d02c63e3d4d49b8690b5e3256511c0

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 31 Mar 2020 15:20:35 GMT
Via: 1.1 vegur
Etag: W/"a11-171311e13f8"
Last-Modified: Tue, 31 Mar 2020 15:03:07 GMT
Server: Cowboy
X-Powered-By: Express
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2577

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 20ms
20ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.whosgotcorona.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 15:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.whosgotcorona.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 15:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200326/r20190131/ 214 KB
81 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200326/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70660a0c26b2516ddbf115daf99685ca2f2e94f50dd6f2c3092d923cb084b434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 15:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 82393
x-xss-protection: 0
server: cafe
etag: 16287208858937362219
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Mar 2020 15:20:34 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200326/r20190131/ Frame D7DF 0
0 6ms
5ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200326/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200326/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.whosgotcorona.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.whosgotcorona.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 26 Mar 2020 22:28:53 GMT
expires: Thu, 09 Apr 2020 22:28:53 GMT
content-type: text/html; charset=UTF-8
etag: 10348540741379653356
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4494
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 406301
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 css
fonts.googleapis.com/ 2 KB
548 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic&display=swap

Requested by

Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ece8bc3195e86cf40f6f3d35b87141693bcd7ea1576f9963555c5b917137215e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Mar 2020 15:20:34 GMT
server: ESF
date: Tue, 31 Mar 2020 15:20:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Mar 2020 15:20:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132593989-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2519
date: Tue, 31 Mar 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Tue, 31 Mar 2020 16:38:35 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
102 B 15ms
15ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2126341231&t=pageview&_s=1&dl=https%3A%2F%2Fwww.whosgotcorona.com%2F&ul=en-us&de=UTF-8&dt=Who%27s%20Got%20Corona&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=2018112936&gjid=862224747&cid=445879441.1585668035&tid=UA-132593989-2&_gid=1543933603.1585668035&_r=1&gtm=2ou3i0&z=904667307

Requested by

Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 31 Mar 2020 15:20:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame B024 0
0 37ms
37ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6088613142518840&output=html&adk=1812271804&adf=3025194257&lmt=1585666987&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.whosgotcorona.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585668034868&bpp=12&bdt=48&idt=54&shv=r20200326&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5771554630224&frm=20&pv=2&ga_vid=445879441.1585668035&ga_sid=1585668035&ga_hid=2126341231&ga_fc=0&iag=0&icsg=2216&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44713364&oid=3&pvsid=3242027692132782&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=65

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200326/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6088613142518840&output=html&adk=1812271804&adf=3025194257&lmt=1585666987&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.whosgotcorona.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585668034868&bpp=12&bdt=48&idt=54&shv=r20200326&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5771554630224&frm=20&pv=2&ga_vid=445879441.1585668035&ga_sid=1585668035&ga_hid=2126341231&ga_fc=0&iag=0&icsg=2216&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44713364&oid=3&pvsid=3242027692132782&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=65
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.whosgotcorona.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.whosgotcorona.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 31 Mar 2020 15:20:34 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Mar-2020 15:35:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 31 Mar 2020 15:20:34 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200326/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7facce5021b734b5df765efeb023fd18f8458e7803cb3cdd6996c4676b10a388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 15:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585567762941055"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27953
x-xss-protection: 0
expires: Tue, 31 Mar 2020 15:20:34 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
102 B 14ms
13ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2126341231&t=pageview&_s=1&dl=https%3A%2F%2Fwww.whosgotcorona.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Who%27s%20Got%20Corona&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUAB~&jid=951140867&gjid=116582826&cid=445879441.1585668035&tid=UA-132593989-2&_gid=1543933603.1585668035&_r=1&z=1577246100

Requested by

Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 31 Mar 2020 15:20:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK logo.jpg
www.whosgotcorona.com/images/ 3 KB
3 KB 245ms
244ms Image
text/html 34.226.145.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.whosgotcorona.com/images/logo.jpg
Requested by: Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.145.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-145-86.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 31 Mar 2020 15:20:35 GMT
Via: 1.1 vegur
Etag: W/"a9e-171311e13f8"
Last-Modified: Tue, 31 Mar 2020 15:03:07 GMT
Server: Cowboy
X-Powered-By: Express
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2718

GET
H/1.1 200
OK people Show response
www.whosgotcorona.com/db/ 19 KB
19 KB 321ms
321ms XHR
application/json 34.226.145.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.whosgotcorona.com/db/people
Requested by: Host: www.whosgotcorona.com
URL: https://www.whosgotcorona.com/static/js/1.c7ca4d8b.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.145.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-145-86.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: ac1c94f6fef8639570ddba3b40a404eaf8f7077f501a125e0a918b8f5bbd2fde

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.whosgotcorona.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 31 Mar 2020 15:20:35 GMT
Via: 1.1 vegur
Etag: W/"4aec-d/ou3Nt4W4jti5aliQSLpxmA90w"
Server: Cowboy
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 19180

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 17ms
17ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200326&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200326/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf13a1c3f51b99dffd640c6afd5a6054b3b714278b9384badc64cc10173bfe02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.whosgotcorona.com/
Origin: https://www.whosgotcorona.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 Mar 2020 15:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5178
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200326/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 15:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Tue, 31 Mar 2020 15:20:35 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame CFBA 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.whosgotcorona.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.whosgotcorona.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 31 Mar 2020 14:27:41 GMT
expires: Wed, 31 Mar 2021 14:27:41 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3174
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 c6f0ede5-abba-kyari.jpg
live.mrf.io/statics/i/ps/storage.googleapis.com/thisday-846548948316-wp-data/wp-media/2018/09/ 25 KB
25 KB 47ms
9ms Image
image/webp 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.mrf.io/statics/i/ps/storage.googleapis.com/thisday-846548948316-wp-data/wp-media/2018/09/c6f0ede5-abba-kyari.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f95c40a8afef1b243970b191eb6c4056b35870f828a20ced4a9355b3a0ddd14

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-b3-traceid: d15bcb6d8de44405a748e00a9fbb61e4
x-guploader-uploadid: AEnB2UrTCO1_-G0MWjU3q2iMCw3lD9kovanaGO-BX7NQA7dZ3tyalZRXYPEOm-RcCO1L0pwnvPCjHHFyEnQZhpCDlZwkr0fsHw
fastly-io-info: ifsz=54593 idim=800x600 ifmt=jpeg ofsz=25136 odim=750x563 ofmt=webp
status: 200
x-goog-stored-content-encoding: identity
x-served-by: cache-jax20928-JAX, cache-fra19150-FRA
x-goog-meta-height: 600
x-mrf-item-lastmod: 0000000000
x-timer: S1585668036.867763,VS0,VE2
etag: "mizyPSYhBQp/ypcS+K+u16goP3yKTjjzn9ZaRIwlkPY"
vary: Accept
x-goog-generation: 1536467469544444
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=8640000, stale-while-revalidate=2592000, stale-if-error=2592000
x-goog-meta-source-id: 638509b4ac49b6250171f16470d6fe74
mrf-cache-status: HH
x-cache-hits: 1, 1
date: Tue, 31 Mar 2020 15:20:35 GMT
via: 1.1 varnish, 1.1 varnish
x-mrf-section-lastmod: 0000000000
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 222524
fastly-stats: io=1
content-length: 25136
x-b3-traceid-primal: 5249df6e6f6b4969a18301478e784662
x-goog-meta-file-hash: 0b834fc1e9fd68f2a27f30afc5a37d3b
server: nginx
x-goog-hash: crc32c=HsFIOA==, md5=SN93CeP21LeNEyyaOrqqpQ==
x-goog-meta-width: 800
x-goog-stored-content-length: 54593
accept-ranges: bytes

GET
H2 200 2019-11-22_Friedrich_Merz_CDU_Parteitag_by_OlafKosinsky_MG_5695.jpg
upload.wikimedia.org/wikipedia/commons/0/01/ 5 MB
5 MB 133ms
102ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/0/01/2019-11-22_Friedrich_Merz_CDU_Parteitag_by_OlafKosinsky_MG_5695.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

8aaf215b7460193991fb3c4a4d93d77a916cd4e8c2ad12515cb45ba99d8b1d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:07:19 GMT
age: 796
x-cache-status: hit-local
x-cache: cp3057 hit, cp3057 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 5097822
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: 2iz070fwfaw5myqu6wvgq3trxnxyc4r
last-modified: Fri, 22 Nov 2019 17:24:08 GMT
server: ATS/8.0.6
etag: c20b66eab31c58628fd920818b805720
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1574443447.63687
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 CPT17151951.jpg
www.680news.com/wp-content/blogs.dir/sites/2/2020/03/ 125 KB
126 KB 59ms
22ms Image
image/jpeg 23.37.41.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.680news.com/wp-content/blogs.dir/sites/2/2020/03/CPT17151951.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.37.41.20 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-41-20.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fb300a9ed1864a187d567fdf5678013512b0939145e2be4392275822adcc8f44

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-rdm-id: nws-prd-wap-nws-web-i-08a751e498fbf7350
date: Tue, 31 Mar 2020 15:20:35 GMT
last-modified: Sun, 29 Mar 2020 01:06:14 GMT
server: nginx
etag: "5e7ff486-1f51d"
content-type: image/jpeg
status: 200
expires: Tue, 31 Mar 2020 15:30:35 GMT
cache-control: max-age=600
accept-ranges: bytes
content-length: 128285
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true

GET
H2 200 Franck_Riester_2019_%28cropped%29.jpg
upload.wikimedia.org/wikipedia/commons/2/23/ 1 MB
1 MB 128ms
98ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/2/23/Franck_Riester_2019_%28cropped%29.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

d06b65e90eecbd46af3da702676084a686067c0476fb2b3475fcd95fd2525ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 02:16:48 GMT
age: 47027
x-cache-status: hit-local
x-cache: cp3065 hit, cp3057 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 1203786
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: eeusa6a4vbz87s1fy3uxgxod14zrnxs
last-modified: Thu, 07 Mar 2019 17:53:27 GMT
server: ATS/8.0.6
etag: 441ee1360e38c8f8e22ba3ed2536e62d
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1551981206.92012
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2

200

/
www.facebook.com/100759201467426/photos/a.100759258134087/100779798132033/
Redirect Chain

https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=100759201467426
https://www.facebook.com/100759201467426/photos/a.100759258134087/100779798132033/?type=3&is_lookaside=1

0
0

138ms
137ms

Image
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/100759201467426/photos/a.100759258134087/100779798132033/?type=3&is_lookaside=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
x-fb-debug: JXTRvoOE7szfmcWJr75vNImHrhggsGNbWeGf2iTsTuQnk01JyI1VG/1Nf7BOrsfA5+nYs27ya78Kw5CxeTDySw==
x-fb-trip-id: 1850256238
x-content-type-options: nosniff
location: https://www.facebook.com/100759201467426/photos/a.100759258134087/100779798132033/?type=3&is_lookaside=1
date: Tue, 31 Mar 2020 15:20:35 GMT, Tue, 31 Mar 2020 15:20:35 GMT
x-frame-options: DENY
content-type: text/html; charset="utf-8"
status: 302
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Official_portrait_of_Mr_Alister_Jack_crop_2.jpg
upload.wikimedia.org/wikipedia/commons/c/cd/ 621 KB
622 KB 126ms
96ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/c/cd/Official_portrait_of_Mr_Alister_Jack_crop_2.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

def055c1abe67899babec52cfef4919d5b52ffd5185fb2954e53a0228765f952

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 09:29:58 GMT
age: 21037
x-cache-status: hit-local
x-cache: cp3063 hit, cp3057 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 636099
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: ac7fs4r6zx01sa80b1m9b6wto1l0aez
last-modified: Thu, 27 Jul 2017 04:32:27 GMT
server: ATS/8.0.6
etag: 96c8aafd20ae321667575789dd7941ad
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1501129946.63296
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 403 idris-elba-1.jpg
cdn.face2faceafrica.com/www/wp-content/uploads/2020/03/ 0
0 76ms
7ms Image
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.face2faceafrica.com/www/wp-content/uploads/2020/03/idris-elba-1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 LRUCZNP2MFDHJO4KT7QYPLS5PI.jpg
www.inquirer.com/resizer/hES2lhqGlVF4GfBzNnZtt9VTIB0=/1400x932/smart/arc-anglerfish-arc2-prod-pmn.s3.amazonaws.com/public/ 141 KB
142 KB 536ms
511ms Image
image/jpeg 95.101.27.117
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.inquirer.com/resizer/hES2lhqGlVF4GfBzNnZtt9VTIB0=/1400x932/smart/arc-anglerfish-arc2-prod-pmn.s3.amazonaws.com/public/LRUCZNP2MFDHJO4KT7QYPLS5PI.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.27.117 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a95-101-27-117.deploy.static.akamaitechnologies.com

Software

Resource Hash

ebc22fdbf150803f842685ef45f7900829ecd77cd0645450ea3038bae6a2360b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
x-check-cacheable: YES
x-serial: 1525
arc-country: DE
etag: "44d878e2c69c1aa25bae68d220a942c06d380a30"
content-type: image/jpeg
status: 200
cache-control: private, no-transform, max-age=900
last-modified: Sun, 29 Mar 2020 02:27:06 GMT
content-security-policy: upgrade-insecure-requests
content-length: 144363
arc-zipcode: NULL
expires: Tue, 31 Mar 2020 15:35:36 GMT

GET
H2 200 1200px-Deportivo_Alaves_logo.svg.png
upload.wikimedia.org/wikipedia/en/thumb/2/2e/Deportivo_Alaves_logo.svg/ 176 KB
176 KB 42ms
12ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/en/thumb/2/2e/Deportivo_Alaves_logo.svg/1200px-Deportivo_Alaves_logo.svg.png

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

e46be1d5cb4b2c35e8fca8b7083f139aaeee824af8e45233dc29af9ccac47d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 08:12:23 GMT
age: 25692
x-cache-status: hit-front
x-cache: cp3059 hit, cp3057 hit/7
status: 200
server-timing: cache;desc="hit-front"
content-length: 180176
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: b2rlastv9f5akl2e0wv3awrxyk3fo5p
last-modified: Fri, 18 Oct 2013 01:43:44 GMT
server: ATS/8.0.6
etag: 6bf0f085aa546561e4aa9c32e404d7bf
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1382060623.30192
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H/1.1 200
OK skysports-paulo-dybala-juventus_4901489.jpg
e0.365dm.com/20/01/768x432/ 29 KB
30 KB 59ms
16ms Image
image/jpeg 8.241.121.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e0.365dm.com/20/01/768x432/skysports-paulo-dybala-juventus_4901489.jpg?20200125084648
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.241.121.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.6.3 / Express
Resource Hash: 47672e4e686b88f400351fe84c16e2dabfa49c48cf86af4aa10a5e958b9f091a

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 22:45:25 GMT
Server: nginx/1.6.3
Age: 1614910
X-Powered-By: Express
ETag: W/"74ab-gULnjmVx5AScCHpqUUv+OjCroaM"
Vary: Accept
X-Cache: MISS from squid16.teamtalk.com
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29867
Expires: Tue, 08 Sep 2020 22:45:26 GMT

GET
H/1.1 200
OK btF7wgXq5KJWqnZVFqxmK4-1200-80.jpg
cdn.mos.cms.futurecdn.net/ 217 KB
218 KB 54ms
33ms Image
image/jpeg 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/btF7wgXq5KJWqnZVFqxmK4-1200-80.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: openresty/1.15.8.1 /
Resource Hash: 4863266aa6b24faf9baec6d7b13278a04a0342ce95ad489dce38e70ac138b3e6

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 27 Mar 2020 12:16:51 GMT
X-Backend: default
Age: 356624
X-FTR-DC: TC
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 222383
X-FTR-Balancer: bulkproxyprod01
X-FTR-Request-ID: 00000000:92E4_00000000:0050_5E7DEEB2_115E5:16BC
Server: openresty/1.15.8.1
X-Served-By: kodiak-mos-adapter-varnish-fdc57966-fkvrc
Content-Type: image/jpeg
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Wed, 27 May 2020 14:33:03 GMT

GET
H2 200 Marouane_Fellaini_2018.jpg
upload.wikimedia.org/wikipedia/commons/4/4e/ 410 KB
410 KB 66ms
53ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/4/4e/Marouane_Fellaini_2018.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

964bec1f0a87aba9359d1dffccbce0615a0dfa10893a23e9790fbdf3241512e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 21:34:08 GMT
age: 63988
x-cache-status: hit-local
x-cache: cp3057 hit, cp3057 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 419784
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: b6x1ub675mo70dbnxtqmv83dqktg27s
last-modified: Sat, 30 Jun 2018 01:49:26 GMT
server: ATS/8.0.6
etag: be63bb3cfd8dd73f96d921b77a2cbad8
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1530323365.14395
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 200329221344-ken-shimura-file-exlarge-169.jpg
cdn.cnn.com/cnnnext/dam/assets/ 50 KB
50 KB 29ms
7ms Image
image/jpeg 2a02:26f0:6c00:187::3134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cnn.com/cnnnext/dam/assets/200329221344-ken-shimura-file-exlarge-169.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:187::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 145d750f64ef6c2e65a79ebef9931fdd2a6d0eb3507884a80ef56c05af23a404

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:35 GMT
server: Apache-Coyote/1.1
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
status: 200
cache-control: max-age=3600
content-length: 51389
expires: Tue, 31 Mar 2020 16:20:35 GMT

GET
H2 200 Carmen_Calvo_2020_%28portrait%29.jpg
upload.wikimedia.org/wikipedia/commons/c/c2/ 624 KB
625 KB 107ms
94ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/c/c2/Carmen_Calvo_2020_%28portrait%29.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

be38bf981b76beeed5d61e79530798f69abfcf957fc9e6c6939e6cbcd4aadb4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 06:47:03 GMT
age: 30812
x-cache-status: hit-local
x-cache: cp3063 hit, cp3057 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 639177
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: ock3p19ye36nkv0vw9zwf48k7lznkhw
last-modified: Thu, 16 Jan 2020 19:53:20 GMT
server: ATS/8.0.6
etag: dc23f9872a2bcbb67666e8707f0278de
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1579204399.62741
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 NINTCHDBPICT000571930598-e1584616819630.jpg
www.thesun.co.uk/wp-content/uploads/2018/11/ 493 KB
495 KB 68ms
47ms Image
image/jpeg 104.111.214.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesun.co.uk/wp-content/uploads/2018/11/NINTCHDBPICT000571930598-e1584616819630.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.203 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 68cca7261fe0491b2e8aea421524c35d6beccc45c2e7bd131841315b9e1dec37

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-rq: fra1 109 84 443
last-modified: Sat, 28 Mar 2020 12:00:10 GMT
server: nginx
x-nu-aka-acs-version: 2.0
etag: "2cb4afc58153c205"
content-type: image/jpeg
status: 200
cache-control: max-age=86400
date: Tue, 31 Mar 2020 15:20:35 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=34, origin; dur=1
accept-ranges: bytes
content-length: 505143
expires: Wed, 01 Apr 2020 15:20:35 GMT

GET
H2 200 joc-kozo-tashima.jpg
images.indianexpress.com/2020/03/ 59 KB
60 KB 60ms
39ms Image
image/jpeg 104.109.77.48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2020/03/joc-kozo-tashima.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.48 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-77-48.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2d37966edc70fc76eed3e850e9654d5df2de7b80361de34a641863de1b3c2089

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-rq: fra1 109 140 443
last-modified: Tue, 17 Mar 2020 12:39:20 GMT
server: nginx
etag: "8dab16e3f11ce5fa"
content-type: image/jpeg
status: 200
cache-control: max-age=60
date: Tue, 31 Mar 2020 15:20:35 GMT
accept-ranges: bytes
content-length: 60818
expires: Tue, 31 Mar 2020 15:21:35 GMT

GET
H2 200 AP_20075008178249.jpg
static.timesofisrael.com/www/uploads/2020/03/ 545 KB
545 KB 739ms
61ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.timesofisrael.com/www/uploads/2020/03/AP_20075008178249.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 511f9f44a837546a4bc0dbfbdc526d5e5b6326f2d3251386e2dc744eabcdd4dd

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
last-modified: Sun, 15 Mar 2020 01:09:31 GMT
etag: "1584234571"
vary: Accept-Encoding
x-hw: 1585668036.dop008.fr8.t,1585668036.cds156.fr8.hn,1585668036.cds161.fr8.c
content-type: image/jpeg
status: 200
cache-control: max-age=1158936
accept-ranges: bytes
content-length: 557923

GET
H2 200 18Suarez1-mediumSquareAt3X.jpg
static01.nyt.com/images/2020/03/18/opinion/18Suarez1/ 600 KB
601 KB 32ms
12ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/18/opinion/18Suarez1/18Suarez1-mediumSquareAt3X.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 46428443bbcbbf07f2af2737af12542016922eb3f6ed5422d33b681bed4f9c7c

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 528758
status: 200
x-guploader-uploadid: AEnB2UoNXPxY8Ldh5NlTtgvbuDB5KqDvdxwW8K49GsRWInJ5pZWdgg9fTpG0cPPHV2kEBgDn9o3iws8GRvznbXWcZpYp1L0b_A
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 614247
x-served-by: cache-bwi5131-BWI, cache-hhn4076-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 18 Mar 2020 19:05:03 GMT
server: UploadServer
x-timer: S1585668036.901611,VS0,VE3
etag: "f3c0fbcb7c113496b89f66397b39c051"
vary: Origin
x-goog-hash: crc32c=Pf+C8A==, md5=88D7y3wRNJa4n2Y5eznAUQ==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Wed, 25 Mar 2020 12:27:57 GMT

GET
H/1.1 200
OK M.Admin.jpg
www.gouvernement.gov.bf/fileadmin/user_upload/ 255 KB
255 KB 3807ms
143ms Image
image/jpeg 196.13.207.40
ANPTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gouvernement.gov.bf/fileadmin/user_upload/M.Admin.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

196.13.207.40 , Burkina Faso, ASN327871 (ANPTIC, BF),

Reverse DNS

mines.gov.bf

Software

Apache /

Resource Hash

edfd73f3e8ddbeba1798f317f901746b3e9c5256e835d4d69ef20064652ca244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 31 Mar 2020 15:20:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 01 Jun 2019 01:29:12 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Content-Length: 260795
X-XSS-Protection: 1; mode=block
Expires: Thu, 30 Apr 2020 15:20:39 GMT

GET
H/1.1 200
OK defaultProfileImg.jpg
www.whosgotcorona.com/images/ 5 KB
6 KB 112ms
110ms Image
image/jpeg 34.226.145.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.whosgotcorona.com/images/defaultProfileImg.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.145.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-145-86.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 8d442b142729234000332cbcce8acbbe0b42bc5c545a1ebc971fa4182bfa94ce

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 31 Mar 2020 15:20:35 GMT
Via: 1.1 vegur
Etag: W/"1572-171311dcda8"
Last-Modified: Tue, 31 Mar 2020 15:02:49 GMT
Server: Cowboy
X-Powered-By: Express
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5490

GET
H2 200 tormund.jpg
pmcvariety.files.wordpress.com/2020/03/ 772 KB
773 KB 69ms
36ms Image
image/jpeg 192.0.72.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pmcvariety.files.wordpress.com/2020/03/tormund.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 43b226657549f8960532688895ee2211cd20e35008de21499f97d08d3c31b940

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT fra 3
date: Tue, 31 Mar 2020 15:20:35 GMT
last-modified: Mon, 16 Mar 2020 21:31:37 GMT
server: nginx
x-orig-src: 01_mogdir
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 790468
expires: Tue, 07 Apr 2020 02:55:08 GMT

GET
H2 200 milli-boksor-serhat-guler-de-koronavirus-13049335_3573_osd.jpg
foto.sondakika.com/haber/2020/03/24/ 34 KB
35 KB 45ms
11ms Image
image/jpeg 163.171.128.153
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foto.sondakika.com/haber/2020/03/24/milli-boksor-serhat-guler-de-koronavirus-13049335_3573_osd.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.153 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 0afd02091ee61480fb42f524816391981e8cbb71d2635400d26aba9b0b23a877

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:35 GMT
via: 1.1 PSdgflkfFRA1hb199:6 (W), 1.1 PSdgflkfFRA1bc95:13 (W)
last-modified: Tue, 24 Mar 2020 16:26:28 GMT
server: PWS/8.3.1.0.8
etag: "8993-5a19c36b741d8"
x-ws-request-id: 5e835fc3_PSdgflkfFRA1bc9_41143-48110
content-type: image/jpeg
status: 200
cache-control: max-age=604800
x-px: ms PSdgflkfFRA1bc95FRA,ht PSdgflkfFRA1hb199FRA
accept-ranges: bytes
content-length: 35219
expires: Tue, 31 Mar 2020 16:34:02 GMT

GET
H/1.1 200
OK screen_shot_2020-03-17_at_9.22.34_pm.png
s.rfi.fr/media/display/5338f57e-688d-11ea-89bd-005056bf87d6/w:1240/p:16x9/ 803 KB
804 KB 83ms
68ms Image
image/png 2a02:26f0:6c00:190::2bc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s.rfi.fr/media/display/5338f57e-688d-11ea-89bd-005056bf87d6/w:1240/p:16x9/screen_shot_2020-03-17_at_9.22.34_pm.png
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:190::2bc9 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Clara-WADP /
Resource Hash: abd044afd2198d6c555850bb89d8aa7e8cd5075f187f58002469d63cd7e1b750

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Clara-Backend-ID: db117__fmm__MEZZO_PROD
inserted-into-cache-at: Tue, 24 Mar 2020 19:24:05 GMT
Date: Tue, 31 Mar 2020 15:20:35 GMT
Server: Clara-WADP
ETag: "4b07763dcb058561b6983b638c62c8f859e4e719a6f95cf780e30c7e7321d346"
X-Clara-WADP: 180100987
X-Fmm-Version: 5.0.33
Cache-Control: max-age=2592000, public
Content-Disposition: inline; filename="w1240-p16x9-screen_shot_2020-03-17_at_9.22.34_pm.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 822358
X-WADP-Cache: MISS

GET
H2 200 Dmitry-Strokhov.jpg
biographymask.com/wp-content/uploads/2020/03/ 26 KB
26 KB 196ms
116ms Image
image/jpeg 2606:4700:3031::681c:158d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biographymask.com/wp-content/uploads/2020/03/Dmitry-Strokhov.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:158d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46634615eaec9d9c20edbe6336329424806746bf86e686da88f6f7c5216b7cd9

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
cf-cache-status: HIT
last-modified: Sat, 28 Mar 2020 09:55:34 GMT
server: cloudflare
etag: "682b-5a1e73816ba23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 57cb0e28bae9d6e9-FRA
content-length: 26667

GET
H2 200 200325143353-steven-dick-large-169.jpg
cdn.cnn.com/cnnnext/dam/assets/ 16 KB
16 KB 11ms
9ms Image
image/jpeg 2a02:26f0:6c00:187::3134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cnn.com/cnnnext/dam/assets/200325143353-steven-dick-large-169.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:187::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 7de25efc85ccf8b8af3d24a5d4a6ea53a4a0068393e2b843fb754a432aa13720

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:35 GMT
server: Apache-Coyote/1.1
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
status: 200
cache-control: max-age=3600
content-length: 16163
expires: Tue, 31 Mar 2020 16:20:35 GMT

GET
H2 200 prince-charles-prince-of-wales-waves-as-he-attends-the-news-photo-1585576352.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ 2 MB
2 MB 38ms
18ms Image
image/jpeg 151.101.112.155
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/prince-charles-prince-of-wales-waves-as-he-attends-the-news-photo-1585576352.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.155 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c027269d3339555edfdbc9e15d134f956039f2cb27b0f81d48718b1d7b44671c

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:35 GMT
x-image-dimensions: 4398:2883
age: 91681
x-canonical-ops: crop=4398:2883;0,0&resize=4398:2883
x-source-image-dimensions: 4398:2883
status: 200
x-animated: 0
x-cache: HIT, HIT
content-length: 1736018
x-served-by: cache-bwi5128-BWI, cache-hhn4046-HHN
x-timer: S1585668036.903264,VS0,VE7
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
expires: Tue, 31 Mar 2020 01:52:35 GMT
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Bento_Albuquerque_em_26_de_mar%C3%A7o_de_2019_%281%3B_cropped%29.jpg
upload.wikimedia.org/wikipedia/commons/f/fb/ 1 MB
1 MB 327ms
325ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/f/fb/Bento_Albuquerque_em_26_de_mar%C3%A7o_de_2019_%281%3B_cropped%29.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

27fea8bd243bb4ac47bc6a9c6bafd3914148bcab43e439df9d0f687c1146507a

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 19:32:45 GMT
age: 71270
x-cache-status: hit-local
x-cache: cp3059 hit, cp3057 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 1504743
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: iw4ffy39oedtblz7igcstyypnq54xlj
last-modified: Wed, 27 Mar 2019 16:52:55 GMT
server: ATS/8.0.6
etag: 18a8e7641ccbf79e372d28c67f382821
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1553705574.15439
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 Official_portrait_of_Ms_Nadine_Dorries_crop_2.jpg
upload.wikimedia.org/wikipedia/commons/4/44/ 449 KB
450 KB 406ms
403ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/4/44/Official_portrait_of_Ms_Nadine_Dorries_crop_2.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

7f5e63d4d4a5a4742ec4310e8b05852c83320c0d1007164bd423092ad4f057f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 14:06:04 GMT
age: 4471
x-cache-status: hit-local
x-cache: cp3055 hit, cp3057 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 460026
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: qtgnwvgy6k4gjt2sd9pdsdj9kxgyuru
last-modified: Thu, 27 Jul 2017 01:16:01 GMT
server: ATS/8.0.6
etag: 15161eecc095fc0becc3ea10f5301969
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1501118160.69516
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 200px-Official_photo_of_Quim_Torra_%28cropped%29.jpg
upload.wikimedia.org/wikipedia/commons/thumb/b/bd/Official_photo_of_Quim_Torra_%28cropped%29.jpg/ 16 KB
17 KB 323ms
320ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/b/bd/Official_photo_of_Quim_Torra_%28cropped%29.jpg/200px-Official_photo_of_Quim_Torra_%28cropped%29.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

6af3d2e6a0aea679f63d91d2cabde2da73a8b9f916cd839f473f6a0e4453a4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 21:23:24 GMT
age: 64631
x-cache-status: hit-local
x-cache: cp3053 hit, cp3057 miss
status: 200
server-timing: cache;desc="hit-local"
content-length: 16866
x-client-ip: 2a01:4f8:192:5414::2
last-modified: Thu, 04 Oct 2018 00:19:36 GMT
server: ATS/8.0.6
etag: 330ba30ae1a1ee59c2a0742a1c34fe2f
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1538612375.27414
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 200312130020-bolsonaro-aide-trump-coronavirus-exlarge-169.jpg
cdn.cnn.com/cnnnext/dam/assets/ 39 KB
40 KB 9ms
7ms Image
image/jpeg 2a02:26f0:6c00:187::3134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cnn.com/cnnnext/dam/assets/200312130020-bolsonaro-aide-trump-coronavirus-exlarge-169.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:187::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: b03aac4389cf4f8ca718e9e1954a3236fee4d6ef2fc32576204dc7a4ebfb9278

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:35 GMT
server: Apache-Coyote/1.1
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
status: 200
cache-control: max-age=3600
content-length: 40262
expires: Tue, 31 Mar 2020 16:20:35 GMT

GET
H2 200 Alpha_Barry_%28cropped%29.jpg
upload.wikimedia.org/wikipedia/commons/f/f1/ 249 KB
249 KB 325ms
322ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/f/f1/Alpha_Barry_%28cropped%29.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

8b3b8075462bea62456dc410aeb7beb6de7438e4d935977f1c398ab2959514b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 09:12:02 GMT
age: 22113
x-cache-status: hit-local
x-cache: cp3061 hit, cp3057 miss
status: 200
server-timing: cache;desc="hit-local"
content-length: 254791
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: qvb8gv9juml4ge6cxtn7dd0lpn93lxn
last-modified: Tue, 28 Jun 2016 00:46:35 GMT
server: ATS/8.0.6
etag: cbf187e054430a6df6e0b340412330a8
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1467074794.20362
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 tom-hanks-rita-wilson.jpg
pmcdeadline2.files.wordpress.com/2020/03/ 217 KB
217 KB 61ms
37ms Image
image/jpeg 192.0.72.30
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pmcdeadline2.files.wordpress.com/2020/03/tom-hanks-rita-wilson.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.30 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 95dc8a0b0e013b4b090be429c151435bb62837d4905c6ac2183c8d87498499b1

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT fra 30 np
date: Tue, 31 Mar 2020 15:20:35 GMT
last-modified: Thu, 12 Mar 2020 15:13:02 GMT
server: nginx
x-orig-src: 01_mogdir
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 221969
expires: Thu, 02 Apr 2020 07:51:31 GMT

GET
H2 200 MV5BOTRjYWNmNmMtYTFjZi00MWEzLWFhNjEtNWQwMTlkNDc0MzQzXkEyXkFqcGdeQXVyMjgyODMzNw@@._V1_.jpg
m.media-amazon.com/images/M/ 669 KB
670 KB 22ms
12ms Image
image/jpeg 2a04:4e42:3::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/M/MV5BOTRjYWNmNmMtYTFjZi00MWEzLWFhNjEtNWQwMTlkNDc0MzQzXkEyXkFqcGdeQXVyMjgyODMzNw@@._V1_.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::272 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b8e3835d0ebad069c2b96385faef69771c1766239a1288c46c4792004dcaa632

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:35 GMT
last-modified: Thu, 16 Aug 2018 20:44:57 GMT
age: 1004113
x-served-by: cache-dca17739-DCA, cache-fra19138-FRA
x-cache: HIT from fastly, HIT from fastly
content-type: image/jpeg
status: 200
cache-control: max-age=630720000,public
x-amz-ir-id: 02e007a4-1b92-424b-81ae-dba33127d11f
accept-ranges: bytes
access-control-allow-origin: *
content-length: 685427
expires: Thu, 15 Mar 2040 00:25:23 GMT

GET
H2 200 daniele-rugani-juventus_gvrnjxns0s6c1ijy3me0er83x.jpg
images.daznservices.com/di/library/GOAL/e9/3/ 248 KB
249 KB 121ms
50ms Image
image/jpeg 23.37.48.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.daznservices.com/di/library/GOAL/e9/3/daniele-rugani-juventus_gvrnjxns0s6c1ijy3me0er83x.jpg?t=1156727326&quality=100
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.37.48.49 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-48-49.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9cd9dfffa1ea96dd7ca0c0b3792a7d7aedcf4cd1adac57ac25608cef3c475310

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
last-modified: Wed, 06 Nov 2019 16:09:39 GMT
server: nginx
etag: "3e140-596afc69f300e"
content-type: image/jpeg
status: 200
x-server-id: bd0114353458c9fd2868620875abfc7dfdcd244c
cache-control: max-age=42665
accept-ranges: bytes
content-length: 254272
expires: Wed, 01 Apr 2020 03:11:41 GMT

GET
H/1.1 200
OK hi-res-2083c9f06ac5a6a1d1134b7a082b2139_crop_north.jpg
img.bleacherreport.net/img/images/photos/003/857/395/ 350 KB
351 KB 81ms
11ms Image
image/jpeg 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.bleacherreport.net/img/images/photos/003/857/395/hi-res-2083c9f06ac5a6a1d1134b7a082b2139_crop_north.jpg?1584131796&w=3072&h=2048
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.7.7 /
Resource Hash: c28cd7a60fdd275f416e838caf51c0b360db6e8a237e50a9665560b0207c4150

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-version-id: aoPMD0_wIqqohI7osAfiuE6tMxS2rRtV
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1535780
x-amz-server-side-encryption: AES256
X-Cache: HIT, HIT, HIT
Date: Tue, 31 Mar 2020 15:20:36 GMT
X-Cache-Hits: 1, 1, 1
Connection: keep-alive
Content-Length: 358321
x-amz-id-2: j3M0eBhk6+6JEob6aXwCxrNzKULBxomIhhS4SD5JHB+RWx7U7cDPn3FPiBO8LvDUZjRT0FsRi2M=
X-Served-By: cache-iad2145-IAD, cache-dca17751-DCA, cache-fra19171-FRA
Last-Modified: Fri, 13 Mar 2020 20:37:53 GMT
Server: nginx/1.7.7
X-Timer: S1585668036.071247,VS0,VE3
ETag: "ec5556fb48bbfbbb6e6e4d2ecf06f766"
x-amz-request-id: 7A8C522ACEFBF2D3
Cache-Control: max-age=252460800
Accept-Ranges: bytes
Content-Type: image/jpeg
Expires: Sat, 04 Mar 2028 16:07:26 GMT

GET
H2 200 vlahovic.fiorentina.esultanza.inter.2020.1400x840.jpg
cdn.calciomercato.com/images/2019-12/ 99 KB
99 KB 219ms
174ms Image
image/jpeg 99.84.155.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.calciomercato.com/images/2019-12/vlahovic.fiorentina.esultanza.inter.2020.1400x840.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-64.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36daed6285105c49fb513f0315fd800bc04ea03f39449a82c597dd063936d685

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:37 GMT
via: 1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
last-modified: Sun, 15 Dec 2019 23:06:41 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "1ae1580ceb127b0d5635495b1a761fe5"
x-cache: Miss from cloudfront
x-amz-version-id: B9QVU7EP57bCJxst8ar2jZJ3da_m4NCf
status: 200
cache-control: max-age=2592000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 101277
x-amz-cf-id: KCeNidCNzaPTG-y4wP26FuVchBnps_ZzVhPqljuZBstlAhBR5LY4Gg==

GET
H2 200 25Cardoz1-articleLarge.jpg
static01.nyt.com/images/2020/03/26/dining/25Cardoz1/ 42 KB
43 KB 81ms
80ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/26/dining/25Cardoz1/25Cardoz1-articleLarge.jpg?quality=75&auto=webp&disable=upscale
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cb5bd7c1f8505c5bbe532a2a0f72d23cfbe47ca3eb52d7e5258f691e0e7ac342

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
via: 1.1 varnish, 1.1 varnish
age: 495318
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=86610 idim=600x400 ifmt=jpeg ofsz=43502 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 1
fastly-stats: io=1
content-length: 43502
x-served-by: cache-bwi5127-BWI, cache-hhn4076-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1585668036.053215,VS0,VE1
etag: "HOSoo/PCBNoghk47xLRx/O25JZJKwehX9MWPiO7wWEs"
vary: Accept
x-goog-hash: crc32c=g9M75A==, md5=Eh2PnQfESRqgRd8yv68xfQ==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UrjlHuzwo4ZxF_NWDh7wgeYpAgypIxdEnc-SZynQmxPeNAz3suTSprDP0N-7wbfNFxLGcVOEsW277ECJL6ZPaGEM2KP5g
expires: Wed, 25 Mar 2020 21:45:18 GMT

GET
H2 200 RandPaul.jpg
www.8newsnow.com/wp-content/uploads/sites/59/2020/03/ 7 MB
7 MB 38ms
8ms Image
image/jpeg 192.0.66.120
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8newsnow.com/wp-content/uploads/sites/59/2020/03/RandPaul.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3640454384f4c0ec6ac37ce31bf8924d7d4ed1cdd2d9c7dfc4fd5b38fdb0263a

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
x-rq: fra1 109 196 443
last-modified: Sun, 22 Mar 2020 18:02:09 GMT
server: nginx
etag: "8efa8529cc32a2dc"
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6928809
expires: Sat, 27 Mar 2021 18:01:34 GMT

GET
H/1.1 200
OK ShowImage.ashx
www.jpost.com//HttpHandlers/ 37 KB
38 KB 209ms
188ms Image
image/jpeg 95.100.73.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jpost.com//HttpHandlers/ShowImage.ashx?id=359697&w=822&h=537
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.73.243 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-73-243.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fdb5f1e642dda4d41aff652714cca5813c1b982a55baa2775af492580a336791

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 31 Mar 2020 15:20:36 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: private, max-age=31536000
Connection: keep-alive
Content-Length: 38165
Expires: Wed, 31 Mar 2021 15:20:36 GMT

GET
H2 200 220px-Portrait_of_Masoumeh_Ebtekar.jpg
upload.wikimedia.org/wikipedia/commons/thumb/6/60/Portrait_of_Masoumeh_Ebtekar.jpg/ 13 KB
13 KB 224ms
223ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/6/60/Portrait_of_Masoumeh_Ebtekar.jpg/220px-Portrait_of_Masoumeh_Ebtekar.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

4087588b1e89957686e24e533ead4cec2bf964f5c9d5e695077ac93e7b82588e

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 22:43:54 GMT
age: 59802
x-cache-status: hit-front
x-cache: cp3059 hit, cp3057 hit/2
status: 200
server-timing: cache;desc="hit-front"
content-length: 13411
x-client-ip: 2a01:4f8:192:5414::2
last-modified: Tue, 10 Mar 2020 20:23:13 GMT
server: ATS/8.0.6
etag: af83dbef7539502d4fc0acf9b22dba6d
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1583871792.70108
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 Irene_Montero_2020_%28portrait%29.jpg
upload.wikimedia.org/wikipedia/commons/b/b2/ 685 KB
686 KB 225ms
224ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/b/b2/Irene_Montero_2020_%28portrait%29.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

b025b7b0e1bd3b921a74079cfcc977665d8b1c2a31f3cd0cc9aaaf7d9a888e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 20:20:00 GMT
age: 68437
x-cache-status: hit-local
x-cache: cp3061 hit, cp3057 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 701659
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: la35g7om4rpskbn5shbx63tphag0w3u
last-modified: Thu, 16 Jan 2020 20:19:01 GMT
server: ATS/8.0.6
etag: 7ab9409575a87e2f683a954b4019b8aa
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1579205940.72785
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H/1.1 200
OK idani.png
ametrade.org/jmp/wp-content/uploads/sites/22/2019/10/ 43 KB
43 KB 3416ms
12ms Image
image/png 217.160.224.60
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ametrade.org/jmp/wp-content/uploads/sites/22/2019/10/idani.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.160.224.60 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS: s19319888.onlinehome-server.info
Software: Apache / PleskLin
Resource Hash: f948d3a775b6aa057a4f526831c6f974e907956a606321f229b9a20ce7d67616

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 31 Mar 2020 15:20:39 GMT
MS-Author-Via: DAV
Last-Modified: Wed, 23 Oct 2019 13:42:22 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 43805
ETag: "2801a0-ab1d-5959416206fe3"
Expires: Wed, 31 Mar 2021 15:20:39 GMT

GET
H2 200 Official_portrait_of_Rt_Hon_Matt_Hancock_MP_crop_2.jpg
upload.wikimedia.org/wikipedia/commons/9/91/ 2 MB
2 MB 211ms
211ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/9/91/Official_portrait_of_Rt_Hon_Matt_Hancock_MP_crop_2.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

661764aeb1187f719832c5cc58e2e9c47058c523ee0870fbde6e03090408a362

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 07:30:24 GMT
age: 28212
x-cache-status: hit-local
x-cache: cp3053 hit, cp3057 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 1980544
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: nx9edoi22ygzsyqtmbe4kj229on1iic
last-modified: Wed, 05 Feb 2020 10:25:00 GMT
server: ATS/8.0.6
etag: 1aadff62bbb616ebfd985b7ccc15d2f3
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1580898299.47126
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 https%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F180604083039-andy-cohen-lincoln-center-2018.jpg
dynaimage.cdn.cnn.com/cnn/c_fill,g_auto,w_1200,h_675,ar_16:9/ 65 KB
65 KB 33ms
31ms Image
image/jpeg 2a02:26f0:6c00:187::3134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dynaimage.cdn.cnn.com/cnn/c_fill,g_auto,w_1200,h_675,ar_16:9/https%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F180604083039-andy-cohen-lincoln-center-2018.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:187::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 3e6b66164836e6189e724a03fbcf1e7863cde0f2f49d9823a79c351d8a760444

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Tue, 31 Mar 2020 15:20:36 GMT
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 66618
content-type: image/jpeg

GET
H/1.1 200
OK ottawa-senators.png
images.rogersdigitalmedia.com/www.sportsnet.ca/team_logos/200x200/hockey/nhl/ 10 KB
10 KB 106ms
20ms Image
image/png 92.123.20.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.rogersdigitalmedia.com/www.sportsnet.ca/team_logos/200x200/hockey/nhl/ottawa-senators.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.20.250 , France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-20-250.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f756006ceed170223d6ff99abb0885f1df84c5769a30c94385b4c6d24dfff94d

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 31 Mar 2020 15:20:36 GMT
Last-Modified: Tue, 27 Feb 2018 18:38:59 GMT
Server: nginx
ETag: "5a95a5c3-26ae"
Content-Type: image/png
X-RDM-ID: spn-prd-wap-spn-web-i-0d6944407176c3c94
Expires: Wed, 01 Apr 2020 15:20:36 GMT
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9902
X-UA-Compatible: IE=Edge,chrome=1,requiresActiveX=true

GET
H2 200 Lewes_0_Chelsea_DS_1_Pre_Season_22_07_2017-599_%2836103251735%29_%28cropped%29.jpg
upload.wikimedia.org/wikipedia/commons/4/4c/ 2 MB
2 MB 214ms
213ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/4/4c/Lewes_0_Chelsea_DS_1_Pre_Season_22_07_2017-599_%2836103251735%29_%28cropped%29.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

7cc50de68a97613164bd4f872455b36e9a07a64ec2d3f06d36e3b7f4957ec68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 21:31:40 GMT
age: 64136
x-cache-status: hit-local
x-cache: cp3059 hit, cp3057 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 1882377
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: sb1b2567ywudu77gh0v9dub3r5oradg
last-modified: Sun, 17 Nov 2019 23:18:00 GMT
server: ATS/8.0.6
etag: 1acf0250ca425b44bfacd7ea24ea0b92
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1574032679.77118
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 DeAndre-Jordan-Brooklyn-Nets.webp
www.talkbasket.net/wp-content/uploads/2019/11/ 29 KB
29 KB 47ms
14ms Image
image/webp 2606:4700:3033::681b:92db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.talkbasket.net/wp-content/uploads/2019/11/DeAndre-Jordan-Brooklyn-Nets.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681b:92db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a8f4ca3c65bedd1448e4f2eb70e7e46e650df15ca2516400ad361a5c98ea5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-sol: orig
age: 329173
x-ezoic-cdn: Hit ds;dd;644e298df3464efd03bf7301bf327227;2-66096-0;f84c13ba-7f8e-4f90-5580-6a2ef0abbaba
status: 200
x-middleton-display: orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
response: 200
last-modified: Fri, 27 Mar 2020 19:36:08 GMT
server: cloudflare
etag: W/"72bc-59697e9ae8fef-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: image/webp
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding,X-APP-JSON
cache-control: max-age=31536000
cf-ray: 57cb0e2a5931dfeb-FRA
display: orig_site_sol

GET
H2 200 220px-Padre_Ant%C3%B3nio_Vieira.jpg
upload.wikimedia.org/wikipedia/commons/thumb/2/28/Padre_Ant%C3%B3nio_Vieira.jpg/ 23 KB
23 KB 225ms
225ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/2/28/Padre_Ant%C3%B3nio_Vieira.jpg/220px-Padre_Ant%C3%B3nio_Vieira.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

a031adca410372e39e59fe92865712d06a9f6c5c37c694a56c3f5ce5e6ab4fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 20:24:09 GMT
age: 68187
x-cache-status: hit-front
x-cache: cp3065 hit, cp3057 hit/1
status: 200
server-timing: cache;desc="hit-front"
content-length: 23470
x-client-ip: 2a01:4f8:192:5414::2
last-modified: Sat, 19 Aug 2017 21:07:12 GMT
server: ATS/8.0.6
etag: 815f776571c80778e58e22c5a8002741
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1503176831.75440
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 bentlee-prince-albert.jpg
i.cbc.ca/1.5515094.1585594537!/fileImage/httpImage/image.jpg_gen/derivatives/original_780/ 40 KB
41 KB 55ms
19ms Image
image/webp 104.111.215.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cbc.ca/1.5515094.1585594537!/fileImage/httpImage/image.jpg_gen/derivatives/original_780/bentlee-prince-albert.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.9 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-9.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 29de5a23027a1872773b121a452a573624dd3b987363b2426ac68bfdaa8eaafc

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
x-check-cacheable: YES
x-serial: 75
content-type: image/webp
status: 200
cache-control: no-transform, max-age=31466015
last-modified: Mon, 30 Mar 2020 19:56:15 GMT
content-length: 41204
server: Akamai Image Manager
expires: Tue, 30 Mar 2021 19:54:11 GMT

GET
H2 200 augusto-heleno.jpg
s2.glbimg.com/YjiO2H-df5cuoRlvVuOanPy2yI4=/0x0:1700x1065/984x0/smart/filters:strip_icc()/s.glbimg.com/jo/g1/f/original/2019/01/08/ 30 KB
31 KB 889ms
422ms Image
image/webp 186.192.91.9
Globo ComunicaÃÂ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/YjiO2H-df5cuoRlvVuOanPy2yI4=/0x0:1700x1065/984x0/smart/filters:strip_icc()/s.glbimg.com/jo/g1/f/original/2019/01/08/augusto-heleno.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 186.192.91.9 , Brazil, ASN28604 (Globo ComunicaÃÂ§ÃÂ£o e ParticipaÃÂ§oes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: nginx /
Resource Hash: 1a4df6ff304a57e7861511584cc70d9432f871028123802eb991d42979528653

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
via: 2.0 CachOS
server: nginx
age: 0
etag: "5af3a45be79375e55a1674ce12c0dedfaff73a68"
x-bip: 1057547002 ra01 03 09
vary: Origin, Accept
content-type: image/webp
status: 200
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB0D023
access-control-allow-headers: Content-Type
content-length: 31106
expires: Thu, 30 Apr 2020 15:20:36 GMT

GET
H2 200 26143376-0-image-a-16_1584575841473.jpg
i.dailymail.co.uk/1s/2020/03/18/23/ 206 KB
207 KB 81ms
42ms Image
image/jpeg 23.37.54.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.dailymail.co.uk/1s/2020/03/18/23/26143376-0-image-a-16_1584575841473.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.54.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-54-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c696e0a226eadc23d010a353ebe66ea495abe3a87672611d7d3587db0b8cfa5f

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-version-id: hkbZQc2PE4fvBx1.pVxMtOcU1Xr.19sa
last-modified: Wed, 18 Mar 2020 23:57:24 GMT
server: AmazonS3
x-amz-request-id: BA22C9A6C0B40173
etag: "4bdcaab3b2dc9705d26c1fefb74c6a70"
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
date: Tue, 31 Mar 2020 15:20:36 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
timing-allow-origin: *
content-length: 211294
x-amz-id-2: i7Xr8njWAZFczSdWfzVEpbjbwP9q0cxcYUQykcWkC4qjMFrwF1bmkadjtOA+AwDAf9YU8pGOUYY=
expires: Thu, 30 Apr 2020 15:20:36 GMT

GET
H2 200 Pere_Aragon%C3%A8s_retrat_oficial_2018.jpg
upload.wikimedia.org/wikipedia/commons/5/59/ 91 KB
91 KB 228ms
227ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/5/59/Pere_Aragon%C3%A8s_retrat_oficial_2018.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

069c935f0ddebb5ab544136dc1e2d850f7eab08b2288f21fd06281f1da9a20ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:04 GMT
age: 33
x-cache-status: hit-local
x-cache: cp3051 hit, cp3057 miss
status: 200
server-timing: cache;desc="hit-local"
content-length: 92827
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: 4vh3rdjn9ydtt3h4e0kq5orszrk9rjs
last-modified: Mon, 04 Jun 2018 08:44:19 GMT
server: ATS/8.0.6
etag: e4c7b8a73f00455fb092023d0ffa859f
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1528101858.88196
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 636
ia.tmgrup.com.tr/4cdd2e/806/378/0/74/1200/ 40 KB
41 KB 82ms
26ms Image
image/jpeg 185.107.83.119
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.tmgrup.com.tr/4cdd2e/806/378/0/74/1200/636?u=https://i.tmgrup.com.tr/anews/v1/2020/03/17/polands-environment-minister-tests-positive-for-coronavirus-1584434651266.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.107.83.119 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: ersRV /
Resource Hash: 914190468999c00ede15212b0e67eaaec5b7689eb28dd9a6bd33f27e79f13494

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
via: HTTP/2.0 Erstream AFAP CDN
x-mid: DS1
age: 6
x-release: 2020-03-25 00:00:00
status: 200
content-disposition: inline; filename=806x378-polands-environment-minister-tests-positive-for-coronavirus-1584434651266.jpg
content-length: 41163
last-modified: Tue, 31 Mar 2020 15:20:30 GMT
server: ersRV
content-type: image/jpeg
access-control-allow-origin: *
x-edge: NL2
cache-control: max-age=15552000
x-server: 65
x-ecache: HIT
x-mcache: MISS

GET
H2 200 luis-sepulveda-U301253693973zLI--1024x512@abc.jpg
static2.abc.es/media/cultura/2020/03/11/ 93 KB
94 KB 48ms
21ms Image
image/jpeg 95.101.27.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.abc.es/media/cultura/2020/03/11/luis-sepulveda-U301253693973zLI--1024x512@abc.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.121 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-121.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 481f47fc9feeb6a96c4eb0cefaba9679b6f8ea8bbb85946cebd2b94fe6155eeb

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
last-modified: Wed, 11 Mar 2020 16:56:05 GMT
server: nginx
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=378049
accept-ranges: bytes
link: <https://static.abc.es/cultura/2020/03/11/luis-sepulveda-U301253693973zLI--1024x512@abc.jpg>; rel="canonical"
content-length: 95620

GET
H2 200 Placido-Domingo.jpeg
www.rawstory.com/wp-content/uploads/2020/02/ 17 KB
17 KB 46ms
26ms Image
image/webp 2606:4700:20::681a:823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rawstory.com/wp-content/uploads/2020/02/Placido-Domingo.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00199b23a0786df5e6add890cfd509ff61907e462e78c96742aec136e45b4f23

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
cf-cache-status: HIT
age: 40081
cf-polished: qual=85, origFmt=jpeg, origSize=47137
status: 200
content-disposition: inline; filename="Placido-Domingo.webp"
content-length: 16930
last-modified: Tue, 25 Feb 2020 11:09:30 GMT
server: cloudflare
etag: "5e55006a-b821"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57cb0e2aeff2dffb-FRA
cf-bgj: imgq:85

GET
H2 200 Jason_Collins_Nets_2014.jpg
upload.wikimedia.org/wikipedia/commons/4/4c/ 604 KB
605 KB 170ms
170ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/4/4c/Jason_Collins_Nets_2014.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.6 /

Resource Hash

c799b42128f50108050effe0869a584813803384b63d7285283beeeb8fe46cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 22:41:05 GMT
age: 59972
x-cache-status: hit-local
x-cache: cp3051 hit, cp3057 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 618515
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: 8oi8o1fmpy8ccmyabkaky5yd9ulhi3t
last-modified: Sun, 16 Mar 2014 04:17:34 GMT
server: ATS/8.0.6
etag: 1a31ae880b61656d726633e4808fda86
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1394943453.91708
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 GettyImages-1207248441.jpg
i1.wp.com/metro.co.uk/wp-content/uploads/2020/03/ 15 KB
16 KB 257ms
236ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/metro.co.uk/wp-content/uploads/2020/03/GettyImages-1207248441.jpg?quality=90&strip=all&zoom=1&resize=644%2C415&ssl=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

85dd8057b30975d0d02d69144ec3536a3874b6f2c30aaa059d6c01c034da1245

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT fra 1
date: Tue, 31 Mar 2020 15:20:36 GMT
x-content-type-options: nosniff
x-bytes-saved: 20352
last-modified: Tue, 17 Mar 2020 21:03:43 GMT
server: nginx
etag: "1a91c84e2f86bf28"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://metro.co.uk/wp-content/uploads/2020/03/GettyImages-1207248441.jpg>; rel="canonical"
content-length: 15790
expires: Fri, 18 Mar 2022 09:03:43 GMT

GET
H2 403 D78D0EFB-511D-4AEE-BB84-2D181ED6D69A.jpeg
www.talkbasket.net/wp-content/uploads/2020/03/ 0
0 14ms
13ms Image
text/html 2606:4700:3033::681b:92db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.talkbasket.net/wp-content/uploads/2020/03/D78D0EFB-511D-4AEE-BB84-2D181ED6D69A.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:92db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H/1.1 200
OK hi-res-345de0c3c5ddd3776761ab8b1f1a138b_crop_north.jpg
img.bleacherreport.net/img/images/photos/003/860/254/ 293 KB
294 KB 28ms
28ms Image
image/jpeg 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.bleacherreport.net/img/images/photos/003/860/254/hi-res-345de0c3c5ddd3776761ab8b1f1a138b_crop_north.jpg?1585531753&w=3072&h=2048
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.7.7 /
Resource Hash: 7e821441dbf44e03f60c9c9f4c5c74223439bf1eb42e05d5454dc244aea13ed4

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-version-id: UhOU2Q1UFe3c3HvdOdaUEK0Fp0nu80N_
Via: 1.1 varnish, 1.1 varnish
Age: 135907
x-amz-server-side-encryption: AES256
X-Cache: HIT, HIT
Date: Tue, 31 Mar 2020 15:20:36 GMT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 299833
x-amz-id-2: APdJjoBE8oHjci9M6v0U+8J8DoP/5aAmdZ6J+3JTqSgxtUGhYPD5N0zbCWX7jZ1CPxuatJn5bzA=
X-Served-By: cache-dca17740-DCA, cache-fra19171-FRA
Last-Modified: Mon, 30 Mar 2020 01:29:50 GMT
Server: nginx/1.7.7
X-Timer: S1585668036.335771,VS0,VE21
ETag: "b03de5516039f857750622530bdf3598"
x-amz-request-id: 27A5F46882AA4309
Cache-Control: max-age=252460800
Accept-Ranges: bytes
Content-Type: image/jpeg
Expires: Sat, 18 Mar 2028 22:21:01 GMT

GET
H2 200 manu-dibango-has-died-covid19.jpg
thevinylfactory.com/wp-content/uploads/2020/03/ 230 KB
230 KB 484ms
445ms Image
image/jpeg 192.124.249.2
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thevinylfactory.com/wp-content/uploads/2020/03/manu-dibango-has-died-covid19.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.2 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10002.sucuri.net

Software

nginx /

Resource Hash

3feb9685f69537a8234be4d72d02ec002900ed6a3c05042008a01b52f1cec79a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 15:20:36 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 235273
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Mar 2020 11:40:24 GMT
server: nginx
etag: "39709-5a19837a2f9ad"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15002
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
49 B 14ms
14ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200326&jk=3242027692132782&bg=!LyylLDRY_AkYlDamDzYCAAAANFIAAAAKmQFhG5bdMYjjBlyve9c_hgSd_uupV7j6gQyNBo9lc6g2U_LUPRSJHqiBXbH9IgpM9mfMbyXuhynFj3I59k0m9rVbg2gkY2DMLxpj_JpNA6Uz00jOuHbYPSZ0v8MdbpG4EvoTCc5-hMXVjO3KQQwh04Fg5FOmbPWwKa-QWxII7ilSJs6hK7Bn4-ZufP1RrI5vrYrEiqcXW7E6nQBhenkiNP7cNLfZ8pfGWj5gmS9esRI8pHlSKt2uk3bjzlhjdafokyfgQl8r5NybO70_wFX8e1k-Cp0BrzPSf2UqHUlBstY_oQvhFq5v2iAj1EQzq0Xycs78u2ELDMUYzgqVPk70N8YzEJQnMuUbAO11Nf1CZoJ24n8d3BIknRQNNuek-vmggTIndnfRNK4JtM9EWNlswT94JDBtnRHlSsBmtz_XCN7sA10xoBGrRbEvSe1p4OCFvpVc2yMqxvFnof74Z3IBQKABt44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.whosgotcorona.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 31 Mar 2020 15:20:35 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 08:27:48	Name: test_cookie Value: CheckForPermission
.whosgotcorona.com/	1970-01-19 08:27:48	Name: _gat Value: 1
.whosgotcorona.com/	1970-01-19 08:27:48	Name: _gat_gtag_UA_132593989_2 Value: 1
.whosgotcorona.com/	1970-01-19 08:29:14	Name: _gid Value: GA1.2.1543933603.1585668035
.whosgotcorona.com/	1970-01-20 01:59:00	Name: _ga Value: GA1.2.445879441.1585668035

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.whosgotcorona.com/static/js/main.e312ceef.chunk.js(Line 1) Message: [object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ametrade.org
biographymask.com
bootswatch.com
cdn.calciomercato.com
cdn.cnn.com
cdn.face2faceafrica.com
cdn.mos.cms.futurecdn.net
code.jquery.com
dynaimage.cdn.cnn.com
e0.365dm.com
fonts.googleapis.com
foto.sondakika.com
googleads.g.doubleclick.net
hips.hearstapps.com
i.cbc.ca
i.dailymail.co.uk
i1.wp.com
ia.tmgrup.com.tr
images.daznservices.com
images.indianexpress.com
images.rogersdigitalmedia.com
img.bleacherreport.net
live.mrf.io
lookaside.fbsbx.com
m.media-amazon.com
pagead2.googlesyndication.com
pmcdeadline2.files.wordpress.com
pmcvariety.files.wordpress.com
s.rfi.fr
s2.glbimg.com
static.timesofisrael.com
static01.nyt.com
static2.abc.es
thevinylfactory.com
tpc.googlesyndication.com
upload.wikimedia.org
www.680news.com
www.8newsnow.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gouvernement.gov.bf
www.inquirer.com
www.jpost.com
www.rawstory.com
www.talkbasket.net
www.thesun.co.uk
www.whosgotcorona.com
104.109.77.48
104.111.214.203
104.111.215.9
151.101.112.155
151.101.113.164
151.101.12.64
151.101.2.207
163.171.128.153
185.107.83.119
186.192.91.9
192.0.66.120
192.0.72.3
192.0.72.30
192.0.77.2
192.124.249.2
196.13.207.40
2001:4de0:ac19::1:b:3b
205.185.216.10
217.160.224.60
23.37.41.20
23.37.48.49
23.37.54.213
2606:4700:20::681a:823
2606:4700:3031::681c:158d
2606:4700:3033::681b:92db
2606:4700:3033::681c:d17
2620:0:862:ed1a::2:b
2a00:1450:4001:800::2008
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:817::200e
2a00:1450:4001:81a::2001
2a00:1450:4001:81a::2002
2a02:26f0:6c00:187::3134
2a02:26f0:6c00:190::2bc9
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::272
2a0b:4d07:101::1
34.226.145.86
67.27.157.252
8.241.121.124
92.123.20.250
95.100.73.243
95.101.27.117
95.101.27.121
99.84.155.64
00199b23a0786df5e6add890cfd509ff61907e462e78c96742aec136e45b4f23
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
069c935f0ddebb5ab544136dc1e2d850f7eab08b2288f21fd06281f1da9a20ec
0afd02091ee61480fb42f524816391981e8cbb71d2635400d26aba9b0b23a877
145d750f64ef6c2e65a79ebef9931fdd2a6d0eb3507884a80ef56c05af23a404
1a4df6ff304a57e7861511584cc70d9432f871028123802eb991d42979528653
1e42d080b7a218ca3bbf90dcaf9819be22408692d53c582c18a9fba2ec1f4d1e
26c43d28b622abc5c1c277aef3771d8c67e717e0a5fd6f3f93d9c51ca0641d92
27fea8bd243bb4ac47bc6a9c6bafd3914148bcab43e439df9d0f687c1146507a
29de5a23027a1872773b121a452a573624dd3b987363b2426ac68bfdaa8eaafc
2d37966edc70fc76eed3e850e9654d5df2de7b80361de34a641863de1b3c2089
3640454384f4c0ec6ac37ce31bf8924d7d4ed1cdd2d9c7dfc4fd5b38fdb0263a
36daed6285105c49fb513f0315fd800bc04ea03f39449a82c597dd063936d685
3e6b66164836e6189e724a03fbcf1e7863cde0f2f49d9823a79c351d8a760444
3feb9685f69537a8234be4d72d02ec002900ed6a3c05042008a01b52f1cec79a
4087588b1e89957686e24e533ead4cec2bf964f5c9d5e695077ac93e7b82588e
43b226657549f8960532688895ee2211cd20e35008de21499f97d08d3c31b940
46428443bbcbbf07f2af2737af12542016922eb3f6ed5422d33b681bed4f9c7c
46538f46cde84fff33704187c06eea63f1c608753f00d66018cbe0b326fe57aa
46634615eaec9d9c20edbe6336329424806746bf86e686da88f6f7c5216b7cd9
47672e4e686b88f400351fe84c16e2dabfa49c48cf86af4aa10a5e958b9f091a
481f47fc9feeb6a96c4eb0cefaba9679b6f8ea8bbb85946cebd2b94fe6155eeb
4863266aa6b24faf9baec6d7b13278a04a0342ce95ad489dce38e70ac138b3e6
511f9f44a837546a4bc0dbfbdc526d5e5b6326f2d3251386e2dc744eabcdd4dd
51b3b9ec771267d82a98b6b0b21884dcd9d02c63e3d4d49b8690b5e3256511c0
60d96bef317cb64c8ff78967301cbd8045cfb709f96b3592ed633af7090a5ee0
661764aeb1187f719832c5cc58e2e9c47058c523ee0870fbde6e03090408a362
68cca7261fe0491b2e8aea421524c35d6beccc45c2e7bd131841315b9e1dec37
6af3d2e6a0aea679f63d91d2cabde2da73a8b9f916cd839f473f6a0e4453a4fa
70660a0c26b2516ddbf115daf99685ca2f2e94f50dd6f2c3092d923cb084b434
7cc50de68a97613164bd4f872455b36e9a07a64ec2d3f06d36e3b7f4957ec68e
7de25efc85ccf8b8af3d24a5d4a6ea53a4a0068393e2b843fb754a432aa13720
7e821441dbf44e03f60c9c9f4c5c74223439bf1eb42e05d5454dc244aea13ed4
7f5e63d4d4a5a4742ec4310e8b05852c83320c0d1007164bd423092ad4f057f5
7f95c40a8afef1b243970b191eb6c4056b35870f828a20ced4a9355b3a0ddd14
7facce5021b734b5df765efeb023fd18f8458e7803cb3cdd6996c4676b10a388
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85dd8057b30975d0d02d69144ec3536a3874b6f2c30aaa059d6c01c034da1245
8aaf215b7460193991fb3c4a4d93d77a916cd4e8c2ad12515cb45ba99d8b1d24
8b3b8075462bea62456dc410aeb7beb6de7438e4d935977f1c398ab2959514b0
8d442b142729234000332cbcce8acbbe0b42bc5c545a1ebc971fa4182bfa94ce
914190468999c00ede15212b0e67eaaec5b7689eb28dd9a6bd33f27e79f13494
95dc8a0b0e013b4b090be429c151435bb62837d4905c6ac2183c8d87498499b1
964bec1f0a87aba9359d1dffccbce0615a0dfa10893a23e9790fbdf3241512e4
9a8f4ca3c65bedd1448e4f2eb70e7e46e650df15ca2516400ad361a5c98ea5b9
9c662b6e3fb429681775f998db8d262428035930052ec2940864c06d567e4dc2
9cd9dfffa1ea96dd7ca0c0b3792a7d7aedcf4cd1adac57ac25608cef3c475310
a031adca410372e39e59fe92865712d06a9f6c5c37c694a56c3f5ce5e6ab4fc1
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
abd044afd2198d6c555850bb89d8aa7e8cd5075f187f58002469d63cd7e1b750
ac1c94f6fef8639570ddba3b40a404eaf8f7077f501a125e0a918b8f5bbd2fde
b025b7b0e1bd3b921a74079cfcc977665d8b1c2a31f3cd0cc9aaaf7d9a888e46
b03aac4389cf4f8ca718e9e1954a3236fee4d6ef2fc32576204dc7a4ebfb9278
b8e3835d0ebad069c2b96385faef69771c1766239a1288c46c4792004dcaa632
be38bf981b76beeed5d61e79530798f69abfcf957fc9e6c6939e6cbcd4aadb4f
bf13a1c3f51b99dffd640c6afd5a6054b3b714278b9384badc64cc10173bfe02
c027269d3339555edfdbc9e15d134f956039f2cb27b0f81d48718b1d7b44671c
c28cd7a60fdd275f416e838caf51c0b360db6e8a237e50a9665560b0207c4150
c4816db81426bbe25466f5fb7467b947ef401aa1a6f8b4305d30a4a27a8b2c32
c696e0a226eadc23d010a353ebe66ea495abe3a87672611d7d3587db0b8cfa5f
c799b42128f50108050effe0869a584813803384b63d7285283beeeb8fe46cc5
cb5bd7c1f8505c5bbe532a2a0f72d23cfbe47ca3eb52d7e5258f691e0e7ac342
d06b65e90eecbd46af3da702676084a686067c0476fb2b3475fcd95fd2525ecb
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
def055c1abe67899babec52cfef4919d5b52ffd5185fb2954e53a0228765f952
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46be1d5cb4b2c35e8fca8b7083f139aaeee824af8e45233dc29af9ccac47d32
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebc22fdbf150803f842685ef45f7900829ecd77cd0645450ea3038bae6a2360b
ece8bc3195e86cf40f6f3d35b87141693bcd7ea1576f9963555c5b917137215e
edfd73f3e8ddbeba1798f317f901746b3e9c5256e835d4d69ef20064652ca244
f18a203259857a72b7febf06a8e48f9404d8bcb2208fcbfbef416e6d628c7bd1
f756006ceed170223d6ff99abb0885f1df84c5769a30c94385b4c6d24dfff94d
f948d3a775b6aa057a4f526831c6f974e907956a606321f229b9a20ce7d67616
fb300a9ed1864a187d567fdf5678013512b0939145e2be4392275822adcc8f44
fdb5f1e642dda4d41aff652714cca5813c1b982a55baa2775af492580a336791

www.whosgotcorona.com Open in urlscan Pro 34.226.145.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

85 Requests

99 %HTTPS

38 %IPv6

48 Domains

51 Subdomains

46 IPs

9 Countries

31457 kBTransfer

32092 kBSize

5 Cookies

0 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.whosgotcorona.com Open in urlscan Pro
34.226.145.86 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

99 %
HTTPS

38 %
IPv6

48
Domains

51
Subdomains

46
IPs

9
Countries

31457 kB
Transfer

32092 kB
Size

5
Cookies

85 HTTP transactions
0 data transactions